GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
872 advisories
Filter by severity
Potential memory corruption in arrayfire
Critical
CVE-2018-20998
was published
for
arrayfire
(pip)
Aug 25, 2021
Heap overflow or corruption in safe-transmute
Critical
CVE-2018-21000
was published
for
safe-transmute
(Rust)
Aug 25, 2021
Uncontrolled recursion in trust-dns-proto
High
CVE-2018-20994
was published
for
trust-dns-proto
(Rust)
Aug 25, 2021
Uncontrolled recursion in rust-yaml
High
CVE-2018-20993
was published
for
yaml-rust
(Rust)
Aug 25, 2021
Improper Certificate Validation in openssl
High
CVE-2016-10931
was published
for
openssl
(Rust)
Aug 25, 2021
Source code is downloaded over cleartext HTTP in portaudio
Moderate
CVE-2016-10933
was published
for
portaudio
(Rust)
Aug 25, 2021
HTTPS MitM vulnerability due to lack of hostname verification
Moderate
CVE-2016-10932
was published
for
hyper
(Rust)
Aug 25, 2021
Headers containing newline characters can split messages in hyper
Moderate
CVE-2017-18587
was published
for
hyper
(Rust)
Aug 25, 2021
Improper Input Validation in cookie
High
CVE-2017-18589
was published
for
cookie
(Rust)
Aug 25, 2021
Improper Certificate Validation in security-framework
Moderate
CVE-2017-18588
was published
for
security-framework
(Rust)
Aug 25, 2021
Memory corruption slice-deque
Critical
CVE-2018-20995
was published
for
slice-deque
(Rust)
Aug 25, 2021
Multiple memory safety issues in actix-web
Moderate
GHSA-w65j-g6c7-g3m4
was published
for
actix-web
(Rust)
Aug 25, 2021
VecStorage Deserialize Allows Violation of Length Invariant
Moderate
GHSA-h3mf-4fwp-59c7
was published
for
nalgebra
(Rust)
Aug 5, 2021
•
withdrawn
OS command injection in ripgrep
Critical
CVE-2021-3013
was published
for
grep-cli
(Rust)
Aug 5, 2021
SMTP command injection in lettre
Critical
CVE-2021-38189
was published
for
lettre
(Rust)
Jul 12, 2021
Integer Overflow in Chunked Transfer-Encoding
Moderate
CVE-2021-32714
was published
for
hyper
(Rust)
Jul 12, 2021
Lenient Parsing of Content-Length Header When Prefixed with Plus Sign
Low
CVE-2021-32715
was published
for
hyper
(Rust)
Jul 12, 2021
ProTip!
Advisories are also available from the
GraphQL API